Jump to content
The Dark Mod Forums

Note to Microsoft, stop the smear campaigns and fix your shit. Thank you.


lost_soul

Recommended Posts

If you do not know what I am talking about:

http://www.computerworld.com/s/article/9241542/Microsoft_slams_Gmail_s_Gspam_in_latest_Scroogled_attack_ad

 

A few months ago, I fixed a user's machine that was unbootable due to a messed up MBR. Now, the user contacts us and says that while they were checking their email, their machine got taken over by malware. This malware is SIX months old! It is nothing remotely new. When I left this machine the first time, we had set up active AV and applied security updates, and still the fucking OS gets taken over a couple months later, when the user didn't even actively download a file. All they were doing was sifting through and deleting junk mail.

 

So, Microsoft, stop trying to smear your competitors. Fix your swiss-cheese OS so that it can't get hijacked even in the preasance of active AV by simple emails. Your users will thank you. Fortunately when I left this user months ago, I left them with a Knoppix flash drive. All they had to do to keep using the machine was boot from said flash drive. Perhaps next time they check their email, they can use the flash drive too.

--- War does not decide who is right, war decides who is left.

Link to comment
Share on other sites

Yep. We don't expect perfectly secure software, but after fifteen years, we do expect some attack vectors to be closed. In this case, the user *knew* the emails they were dealing with were junk and did not want to interract with them except to delete them. Why do all mail services not block images/scripting in mails by default and make a user click a button to enable it?

 

FYI you can get hacked by a simple jpeg file if the OS has a buffer-overflow exploit that hasn't been patched. I'm not aware of any in current Windows, but they have existed in the past. Here's an article about one:

http://news.cnet.com/2100-1002_3-5975726.html

--- War does not decide who is right, war decides who is left.

Link to comment
Share on other sites

Well there was also this exploit where all you had to do was plug in a specially crafted USB flash drive, and you became god immediately on the system. Doesn't matter who is logged in, or even if nobody is logged in at all! The problem was in the way Windows identified USB devices at the kernel level.

 

http://fitcom.co/2013/03/13/critical-windows-usb-exploit-allows-flash-drives-to-grant-root-access-patch-issued/

--- War does not decide who is right, war decides who is left.

Link to comment
Share on other sites

I told them months ago to make recovery disks for this computer. They did not listen to me... nobody ever does. Now, we have removed the malware infestation twice and it just comes back later. If we use the recovery partition, the bad guys can just infect that as well.

--- War does not decide who is right, war decides who is left.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recent Status Updates

    • taffernicus

      i am so euphoric to see new FMs keep coming out and I am keen to try it out in my leisure time, then suddenly my PC is spouting a couple of S.M.A.R.T errors...
      tbf i cannot afford myself to miss my network emulator image file&progress, important ebooks, hyper-v checkpoint & hyper-v export and the precious thief & TDM gamesaves. Don't fall yourself into & lay your hands on crappy SSD
       
      · 1 reply
    • OrbWeaver

      Does anyone actually use the Normalise button in the Surface inspector? Even after looking at the code I'm not quite sure what it's for.
      · 7 replies
    • Ansome

      Turns out my 15th anniversary mission idea has already been done once or twice before! I've been beaten to the punch once again, but I suppose that's to be expected when there's over 170 FMs out there, eh? I'm not complaining though, I love learning new tricks and taking inspiration from past FMs. Best of luck on your own fan missions!
      · 4 replies
    • The Black Arrow

      I wanna play Doom 3, but fhDoom has much better features than dhewm3, yet fhDoom is old, outdated and probably not supported. Damn!
      Makes me think that TDM engine for Doom 3 itself would actually be perfect.
      · 6 replies
    • Petike the Taffer

      Maybe a bit of advice ? In the FM series I'm preparing, the two main characters have the given names Toby and Agnes (it's the protagonist and deuteragonist, respectively), I've been toying with the idea of giving them family names as well, since many of the FM series have named protagonists who have surnames. Toby's from a family who were usually farriers, though he eventually wound up working as a cobbler (this serves as a daylight "front" for his night time thieving). Would it make sense if the man's popularly accepted family name was Farrier ? It's an existing, though less common English surname, and it directly refers to the profession practiced by his relatives. Your suggestions ?
      · 9 replies
×
×
  • Create New...